Closed Bug 785279 Opened 12 years ago Closed 10 years ago

reimplement spdy upstream compression

Categories

(Core :: Networking: HTTP, enhancement)

x86_64
Windows 7
enhancement
Not set
normal

Tracking

()

RESOLVED WONTFIX

People

(Reporter: mcmanus, Assigned: mcmanus)

References

Details

(Keywords: sec-other, Whiteboard: [spdy])

as part of 779413 spdy upstream compression was disabled in both spdy/2 and spdy/3 to plug a cookie extraction by traffic analysis attack.

It is expected that spdy/4 won't suffer from the problem, but we can find a way to get some compression back in 2/3 with a clever implementation. Chrome has made custom zlib modifications in http://src.chromium.org/viewvc/chrome?view=rev&revision=151720 to accomplish this, and we could build on that code as one potential option.

this is marked as a security bug because of the dependency on 779413 - when that vulnerability is published this can bug can be opened too. It doesn't need a security rating of its own.
Opening as bug 779413 is now public.
Group: core-security
Depends on: 868551
http/2 is going to be the answer here.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.